<?php
session_start();

if (!$_SESSION['loggedin']) {
?>
    <html>
        <head>
            <link rel="stylesheet" href="css/style.css" type="text/css" id="" media="print, projection, screen" />
            <script type="text/javascript" src="script/jquery-latest.js"></script>

            <title>TUP Professor Management</title>
            <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
        </head>

        <body style=" height:100%; width: 100%; background-image: url(image/wall6.jpg);">

            <div id="container" style="height:auto; width: 100%;">

                <div style="background-image: url(image/wall12.jpg); height: 110px; width: 100%; ">
                </div>


                <div align="center" style="background-image: url(image/wall11.jpg);  height: 74px; width: auto;">


                    <div align="center" style=" height: 4px; width: auto;"></div>
                    <div align="center" style=" height: 22px; width: auto;">

                    </div>
                    <div align="center" style=" height: 4px; width: auto;"></div>
                    <div align="center" style=" height: 22px; width: auto;">

                    </div>

                </div>


                <div align="center" style="  float:left; height:auto; width: 100%; background-image: url(image/wall6.jpg);">


                <?php
                include 'DBLibrary/config.php';
                include 'DBLibrary/openDB.php';

                if (isset($_POST['submit'])) {
                    $username = $_POST['username'];
                    $password = $_POST['password'];
                    date_default_timezone_set('Etc/GMT-8');
                    //Execute SQL Query
                    mysql_select_db($dbname);

                    $query = "SELECT * FROM user WHERE username ='" . $username . "' and password = '" . $password . "'";
                    $resArr = array();
                    $resArr = mysql_fetch_array(mysql_query($query));

                    if ($username == '' || $password == '')
                        echo "<h3 class=\"err\">Username or Password is Blank</h3>";
                    else if ($resArr == false) {
                        $_SESSION['loggedin'] = false;
                        // header("Location: index.php");
                        echo "<h3 class=\"err\">Username or Password is incorect</h3>";
                    } else {
                        $lastlogin = date('y-m-d H:i:s');

                        $query3 = "UPDATE user SET lastlogin =DATE_ADD(NOW(), INTERVAL 8 HOUR) WHERE username = '" . $username . "'";

                        mysql_query($query3);

                        $_SESSION['loggedin'] = true;
                        $_SESSION['fname'] = $resArr["fname"];
                        $_SESSION['lfmname'] = $resArr['lname'] . ",&nbsp;" . $resArr['fname'] . "&nbsp;" . $resArr['mname'] . ".";
                        $_SESSION['lastlogin'] = $resArr["lastlogin"];
                        $_SESSION['accounttype'] = $resArr["accounttype"];
                        $_SESSION['username'] = $username;
                        $_SESSION['idno'] = $resArr["idno"];


                        if ($_SESSION['accounttype'] == 'registrar')
                            echo "<script language='javascript'>window.location='SMMViewStud.php'</script>";
                        if ($_SESSION['accounttype'] == 'admin')
                            echo "<script language='javascript'>window.location='UMMViewUser.php'</script>";
                        if ($_SESSION['accounttype'] == 'professor')
                            echo "<script language='javascript'>window.location='AMMSelectSection.php'</script>";
                    }
                }

                include 'DBLibrary/closeDB.php';
                ?>

                <form method="post" action="index.php">

                    <p>Username:<input type="text" size="11" name="username"/></p>
                    <p>Password:<input type="password" size="11" name="password"/></p>

                    <input type="submit" name="submit" value ="   Login  "/>
                </form>

                <div id="footer" style="background-image: url(image/wall11.jpg);clear:both;text-align:center; height: 26px; width:auto;">
                    <div align="center" style=" height: 4px; width: auto;"></div>
                    <bb class ="small">Copyright &#169; 2011</bb>
                </div>

            </div>
        </div>

    </body>
</html>

<?php
            }
            else if ($_SESSION['loggedin'] && $_SESSION['accounttype'] == 'registrar') {
                echo "<script language='javascript'>window.location='SMMViewStud.php'</script>";
            } else if ($_SESSION['loggedin'] && $_SESSION['accounttype'] == 'admin') {
                echo "<script language='javascript'>window.location='UMMViewUser.php'</script>";
            } else if ($_SESSION['loggedin'] && $_SESSION['accounttype'] == 'professor') {
                echo "<script language='javascript'>window.location='AMMSelectSection.php'</script>";
            }
?>